This week Adesh examines preventative security.
Do you have a security tip you'd like to share? Why not send it in? We'll post it on our Web site, and enter you in our tips contest for a neat prize.
Data security is always a top priority for network administrators. This article looks at preventative measures that a network administrator should take for improving data security.
Implementing disk redundancy
Disk redundancy is now a standard feature for many database servers. Most servers include as part of the configuration various redundant array of independent disks (RAID) levels that offer improved security of data. The RAID level to be implemented will depend on the type of database application to be used. RAID 10, which is a combination of RAID 1 and RAID 0, uses a striped array of disks, as does RAID 0, but fully mirrors the striped data set, similar to RAID 1. RAID 10's use of multiple disks gives it the best performance of all of the RAID levels, and with the cost of hard drives declining compared to a couple years ago, implementing RAID 10 is not a costly measure.
Archiving of information
Total dependency on RAID alone cannot improve data security. Archiving of information, such as storing data on tape media is important. There are various types of tape drives that are capable of backing up different capacities of information. The more common ones are digital audio tape (DAT) and digital linear tape (DLT) (Linear Tape-Open technology will be discussed in a future article). DLT is the leading tape backup technology for a mid-sized network. DLT also has unmatched reliability, with recording head life of more than 30,000 hours and media durability greater than 1 million media passes. DAT is a popular choice when price is a major factor in considering a tape backup unit, however DAT media tapes are not as resilient as DLT tapes.
Storing the tape media
Most administrators use secure locations to store their backup media. Secure locations such as fireproof vaults are normally used. Offsite storage of critical backups is always necessary. Of course, storing data at an offsite location other than the company's branch office requires some initial investigation of the firm handling the offsite storage. Reliability is one of the key issues. In the event that the tape media is required, prompt delivery of the media is essential.
Predictive failure analysis
Network servers are designed to run 24x7 365 days a year. Thus, it is recommended that the protection of these servers, especially those used for mission critical applications, include thermal monitoring of all major components. With thermal monitoring the administrator can be notified when a major device is failing so that swift action can be taken. Most major devices are hot swappable so the server does not necessarily have to be offline when replacing a device.
System security implementation
Educating employees with a sound security plan can help a lot in ensuring that the company's data is properly secured. Apart from this security manual, network administrators should also ensure that proper security steps are taken when remote users are accessing confidential information on file servers.
About the author
Adesh Rampat has 10 years of experience with network and IT administration. He is a member of the Association of Internet Professionals, the Institute for Network Professionals and the International Webmasters Association. He has also lectured extensively on a variety of topics.
What did you think of this tip? E-mail and let us know.
Network Security Essentials: Applications and Standards, 1/e
By William Stallings
Publisher : Prentice Hall
Published : Feb 2000
Best-selling author and four-time winner of the TEXTY award for the best computer science and engineering text, William Stallings provides a practical survey of both the principles and practice of network security.
This was first published in August 2001